Security Enhancement to a Group Key Transfer Protocol Against Insider Attack

Executive Summary

Group key transfer protocol distributes a session key to authorized members with a trusted key generation center. Nam et al. claim that they achieve security, efficiency and correctness based on Shamir's secret sharing, which is the improved version of Harn-Lin's protocol. The authors' main contribution is to show the security flaws of Nam-protocol and Harn-Lin's protocol that malicious authorized group member can compromise other member's long-term secret. An improved protocol against insider attack and outsider attack is proposed which is secure and efficient.